Exploit Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform
https://gbhackers.com/category/exploit/
GBhackers Offering Exclusive Cyber Security News Coverage, New Research papers & Technology Updates.
Mon, 11 Nov 2024 11:11:47 +0000

Researchers Detailed Credential Abuse Cycle https://gbhackers.com/credential-abuse-cycle-research-2/ https://gbhackers.com/credential-abuse-cycle-research-2/#respond Mon, 11 Nov 2024 11:11:46 +0000 https://gbhackers.com/?p=114618 Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling them to gain unauthorized access. This can lead to data breaches, identity theft, and financial loss across diverse industries and geographic locations. Compromised credentials pose a significant security risk primarily due to data breaches and user negligence. In Q3 2024, they […]

The post Researchers Detailed Credential Abuse Cycle appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers Abuse EDRSilencer Red Team Tool To Evade Detection https://gbhackers.com/edrsilencer-hackers-evade/ https://gbhackers.com/edrsilencer-hackers-evade/#respond Wed, 16 Oct 2024 12:24:47 +0000 https://gbhackers.com/?p=113555 EDRSilencer, a red team tool, interferes with EDR solutions by blocking network communication for associated processes using the WFP, which makes it harder to identify and remove malware, as EDRs cannot send telemetry or alerts. The code demonstrates a technique where malware can evade detection by blocking EDR traffic, making it harder to identify and […]

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks https://gbhackers.com/firefox-zero-day-exploited/ https://gbhackers.com/firefox-zero-day-exploited/#respond Thu, 10 Oct 2024 14:43:02 +0000 https://gbhackers.com/?p=113351 A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks. The flaw, a use-after-free in the Animation timeline component tracked as CVE-2024-9680, has a CVSS base score of 9.8 and was reported by Damien Schaeffer from ESET. “An attacker was able to achieve code execution in the […]

Foxit PDF Reader Vulnerability Let Attackers Execute Arbitrary Code https://gbhackers.com/foxit-pdf-vulnerability-code-execution/ https://gbhackers.com/foxit-pdf-vulnerability-code-execution/#respond Thu, 10 Oct 2024 09:20:42 +0000 https://gbhackers.com/?p=113335 Researchers recently disclosed six new security vulnerabilities across various software, with one critical vulnerability found in Foxit PDF Reader, a widely used alternative to Adobe Acrobat. Because it is a memory corruption vulnerability, attackers could execute arbitrary code on the targeted machine. Additionally, three vulnerabilities were discovered in Veertu’s Anka […]

RCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump Files https://gbhackers.com/cve-2024-30052-visual-studio-exploit/ https://gbhackers.com/cve-2024-30052-visual-studio-exploit/#respond Mon, 07 Oct 2024 11:00:03 +0000 https://gbhackers.com/?p=113114 The researcher investigated the potential security risks associated with debugging dump files in Visual Studio by focusing on vulnerabilities that could be exploited without relying on memory corruption or specific PDB file components.  After analyzing various libraries used during debug sessions, they discovered a method to execute arbitrary code when debugging managed dump files, which […]

Hackers Exploiting Progress WhatsUp RCE Vulnerability In The Wild https://gbhackers.com/whatsup-rce-vulnerability-exploit/ https://gbhackers.com/whatsup-rce-vulnerability-exploit/#respond Thu, 12 Sep 2024 14:43:50 +0000 https://gbhackers.com/?p=111767 RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August 16, were leveraged to execute remote access tools and gain persistence. Despite the availability of patches, many organizations were slow to apply them, leading to widespread attacks. The attackers abused NmPoller.exe […]

Security Flaw Allows Attackers to Clone YubiKeys by Extract Private Key https://gbhackers.com/yubikey-clone-vulnerability/ https://gbhackers.com/yubikey-clone-vulnerability/#respond Wed, 04 Sep 2024 11:19:36 +0000 https://gbhackers.com/?p=107460 Secure elements consist mainly of tiny microcontrollers, which provide service by generating and storing secrets and performing cryptographic operations. Thomas Roche of NinjaLab finds a major security flaw in the crypto library of Infineon Technologies affecting a diverse range of secure elements and FIDO hardware tokens, including the popular YubiKey 5 Series. The vulnerability, which […]

PoC Exploit Released For 0-Day Windows Kernel Privilege Escalation Vulnerability https://gbhackers.com/windows-0-day-poc-exploit/ https://gbhackers.com/windows-0-day-poc-exploit/#respond Wed, 04 Sep 2024 08:15:31 +0000 https://gbhackers.com/?p=106895 Microsoft released patches for multiple vulnerabilities during Patch Tuesday for August 2024. One of the vulnerabilities listed by Microsoft was CVE-2024-38106, a Windows Kernel privilege escalation flaw affecting multiple Microsoft Windows OSes, including Windows 10, 11 and Windows Server (2016, 2019, 2022). Moreover, Microsoft stated that this vulnerability was […]

BYOVDLL – A New Exploit That Is Bypassing LSASS Protection https://gbhackers.com/byovdll-exploit-bypassing-lsass-protection/ https://gbhackers.com/byovdll-exploit-bypassing-lsass-protection/#respond Wed, 14 Aug 2024 12:13:45 +0000 https://gbhackers.com/?p=95634 In July 2022, Microsoft patched a well-known PPL bypass flaw, initially discovered by Ionescu and Forshaw. The flaw allowed protection circumvention without kernel code execution, and the update broke the PPLdump PoC. SCRT Team researchers at Orange Cyberdefense recently discovered a new exploit that enables threat actors to bypass LSASS protection. This new exploit was […]

Google’s Quick Share Vulnerabilities Let Attackers Execute Remote Code https://gbhackers.com/googles-quick-share-vulnerabilities/ https://gbhackers.com/googles-quick-share-vulnerabilities/#respond Mon, 12 Aug 2024 09:13:07 +0000 https://gbhackers.com/?p=95521 By reverse-engineering Quick Share’s proprietary communication protocol, researchers uncovered multiple vulnerabilities, including unauthorized file writes, forced Wi-Fi connections, directory traversal, and denial-of-service conditions.  These flaws were chained together to achieve remote code execution on Windows systems with Quick Share installed, bypass file approval dialogs and establish persistent Wi-Fi connections.  Google addressed these issues with two […]
